A website hosted in Plesk fails to load: ModSecurity: Response body too large

Kuzma Ivanov

Updated March 20, 2025 06:09

Plesk for Linux kb: technical

Applicable to:

A website is not loading with the following error message in a web browser:

PLESK_INFO: 500
Internal Server Error
The following messages are logged in Domains > example.com > Logs:

CONFIG_TEXT: [error] [client 203.0.113.2] ModSecurity: Output filter: Response body too large (over limit of 524288, total not specified). [hostname "www.example.com"] [uri "/index.php"] ...

The website has exceeded default ModSecurity SecResponseBodyLimit parameter (1 MB).

Adjusting 'SecResponseBodyLimit' for one domain

Log in to Plesk.
Go to Domains > example.com > Hosting & DNS > Apache & nginx Settings.
Add the line below to Additional directives for HTTP and Additional directives for HTTPS fields to increase SecResponseBodyLimit to 256 MB (or define your own value):

CONFIG_TEXT: <IfModule mod_security2.c>
SecResponseBodyLimit 268435456
</IfModule>
Apply the changes.

Adjusting 'SecResponseBodyLimit' for all domains

Log in to Plesk.
Go to Tools & settings > Web Application Firewall (ModSecurity) > Settings tab. > Custom directives section:
Add the line below to Custom directives section to increase SecResponseBodyLimit to 256 MB (or define your own value):

CONFIG_TEXT: SecResponseBodyLimit 268435456
Apply the changes.